Quickly Exporting of Certificates via PowerShell

As I was doing some work with Sitecore Automation Framework, I needed to quickly export certificates from my local store.  Here is the quickest way that I could come up with.

ls | ?{ $_.FriendlyName -match "_SAF$" } | %{ Export-PfxCertificate -Cert $_ -FilePath "C:\<projroot>\infra\configuration\Local\$($_.FriendlyName).pfx" -Password (ConvertTo-SecureString -String "1234" -Force -AsPlainText) }

Maybe there is a nicer way to do that but that’s what comes to mind.

Windows Auth with local IIS developer workstation

I was just troubleshooting an issue with legacy code base on my client workstation.  It is IIS 7.5 (guess what OS i am running) with Asp.Net  4.X and v2.0/v3.5 ISAPI registered.

The Asp.Net legacy application is built using windows authentication for security purposes.  When I configured the local code base to publish to local IIS website with a custom name, the website kept on prompting me an error.  For the life of me, I could not figure out the issue.  Setting Application Pool back to “Network Service” from ApplicationPoolIdentity did not fix the issue.

After breaking my head for hours, I finally remembered this little Gem from the past with the help of Google of course.  Basically, for NTLM and Kerberos if the target IIS host is in the domain, it is very strict who is allowed to authenticate via SSPI (fancy acronym for security negotiating).  I will need to update my developer on-boarding script to make sure I either disable loop-back checking or white-list the local custom dev URLs.  Security to insanity!

Quickly updating SharePoint 2010 service account

At my current client, I run a sandbox SharePoint 2010 single server environment on top of Windows 7 with my corporate credential as my service account.

I get a wonderful message saying that my account password is about to expire, so obviously, my heart goes thumping. Here we go again.  It’s time to lose more hours on running around and switching around password within SharePoint 2010 that powers all the web apps, service apps, etc…

However, as per my colleague suggestion, it turned out to be pretty easy:

  1. Change your corporate account password using Ctrl+Alt+Delete -> Change Password
  2. Run the following command in PS to quickly update everything else.
$cred=get-credential;Set-SPManagedAccount -Identity $cred.Username -ExistingPassword $cred.Password -UseExistingPassword

Restart the IIS via “iisreset /noforce” and you’re all set.

Design Manager woes with plain HTML

In our recent projects for SharePoint 2013, we have to use the design manager to build a responsive branding design package.  If you are not familiar with this new feature, please take a look at  Overview of Design Manager in SharePoint 2013 to familiarize yourselves.

One of the challenges that we found with SharePoint 2013 Design Manager is that it modifies and rearranges not only <!–MS/ME/SPM –> markup code, but also the HTML itself during design package import process.

One such example was when we included protocol agnostic script source tag for jquery.


<script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>

The resultant tag in the imported instance was the following.


<script type="text/javascript" src="/ajax/libs/jquery/1.10.2/jquery.min.js"></script>

After attempting various tricks using <!– –> markup and trying to enclose the html in the design manager tags with no particular success.  The workaround was as follows, after obtaining an answer to our post on MSDN forum:


<!--SPM:<asp:Literal runat="server" Text="&amp;#60;script type='text/javascript' src='//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js' &amp;#62; &amp;#60;/script&amp;#62;" /> -->

The Literal ASP.Net server control is used to emit raw html that we need during response. Note, that the input has to be html encoded to avoid further issues with Design Manager.  This is really ugly but will do for now.